projects / platform / framework / native / appfw.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Remove the memory leak on osp-security-service
[platform/framework/native/appfw.git] / src / security / FSec_AccessController.cpp
1 //
2 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
3 //
4 // Licensed under the Apache License, Version 2.0 (the License);
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 //     http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 //
16
17 /**
18  * @file        FSec_AccessController.cpp
19  * @brief       This is the implementation for the _AccessController class.
20  */
21
22 #include <unique_ptr.h>
23 #include <FAppTypes.h>
24 #include <FAppApplication.h>
25 #include <FApp_AppInfo.h>
26 #include <FApp_AppManagerImpl.h>
27 #include <FAppPkg_PackageInfoImpl.h>
28 #include <FBaseSysLog.h>
29 #include <FBaseString.h>
30 #include <FBaseColArrayList.h>
31 #include <FBaseColArrayListT.h>
32 #include <FBase_StringConverter.h>
33 #include <FIoFile.h>
34 #include <FIo_IpcClient.h>
35 #include <privacy_checker_client.h>
36 #include "FSec_AccessController.h"
37 #include "FSec_PrivilegeManager.h"
38 #include "FSec_PrivilegeManagerMessage.h"
39 #include "FSec_PrivilegeInfo.h"
40
41 using namespace Tizen::App;
42 using namespace Tizen::App::Package;
43 using namespace Tizen::Base;
44 using namespace Tizen::Base::Collection;
45 using namespace Tizen::Io;
46
47 static bool isConstructed = false;
48 static std::unique_ptr<_IpcClient> pIpcClient(null);
49 static pthread_once_t onceBlock = PTHREAD_ONCE_INIT;
50 static pthread_once_t ipcOnceBlock = PTHREAD_ONCE_INIT;
51
52 namespace Tizen { namespace Security
53 {
54
55 _PrivilegeManager* _AccessController::__pPrivilegeManager = null;
56
57 static std::unique_ptr<String> pEncryptedPrivileges(null);
58 static std::unique_ptr<String> pChecksum(null);
59 static std::unique_ptr<String> pEncryptedVisibility(null);
60 static std::unique_ptr<String> pVisibilityChecksum(null);
61 static std::unique_ptr<ArrayList> pPrivilegeList(null);
62
63 _AccessController::_AccessController(void)
64 {
65
66 }
67
68 _AccessController::~_AccessController(void)
69 {
70         if (pPrivilegeList != null)
71         {
72                 pPrivilegeList->RemoveAll(true);
73         }
74 }
75
76 result
77 _AccessController::CheckSystemPrivilege(const PackageId& packageId, _Privilege privilege)
78 {
79         bool ret = false;
80
81         SysTryReturnResult(NID_SEC, (privilege >= 0) && (privilege < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
82
83         String subAppId;
84         packageId.SubString(0, MAX_APP_ID_SIZE, subAppId);
85
86         _PackageInfoImpl infoImpl;
87         result r = infoImpl.Construct(subAppId);
88         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
89
90         String webAppType(L"wgt");
91         String appType = infoImpl.GetAppType();
92         if (appType.Equals(webAppType, true))
93         {
94                 return E_SUCCESS;
95         }
96
97         if (__pPrivilegeManager == null)
98         {
99                 __pPrivilegeManager = _PrivilegeManager::GetInstance();
100         }
101         SysTryReturnResult(NID_SEC, __pPrivilegeManager != null, E_SYSTEM, "An unexpected system error occurred.");
102
103         std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId));
104         r = GetLastResult();
105
106         if (r == E_SUCCESS)
107         {
108                 // nothing to do.
109         }
110         else if (r == E_DATA_NOT_FOUND)
111         {
112                 SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
113                 goto CATCH;
114         }
115         else
116         {
117                 SysLogException(NID_SEC, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
118                 return E_SYSTEM;
119         }
120
121         ret = pPrivilegeInfo->HasPrivilege(privilege);
122         if (!ret)
123         {
124                 r = E_PRIVILEGE_DENIED;
125                 goto CATCH;
126         }
127
128         r = CheckPrivacy(packageId, privilege);
129         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_USER_NOT_CONSENTED, "The user blocks an application from calling the method.");
130
131         return r;
132
133 CATCH:
134
135         SysLogException(NID_SEC,  r, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
136
137         _AppManagerImpl* pAppManagerImpl = _AppManagerImpl::GetInstance();
138         pAppManagerImpl->TerminateApplications(packageId);
139
140         return r;
141 }
142
143 result
144 _AccessController::CheckSystemPrivilege(const PackageId& packageId, _Privilege privilege1, _Privilege privilege2)
145 {
146         bool ret = false;
147
148         SysTryReturnResult(NID_SEC, (privilege1 >= 0) && (privilege1 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
149         SysTryReturnResult(NID_SEC, (privilege2 >= 0) && (privilege2 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
150
151         String subAppId;
152         packageId.SubString(0, MAX_APP_ID_SIZE, subAppId);
153
154         _PackageInfoImpl infoImpl;
155         result r = infoImpl.Construct(subAppId);
156         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
157
158         String webAppType(L"wgt");
159         String appType = infoImpl.GetAppType();
160         if (appType.Equals(webAppType, true))
161         {
162                 return E_SUCCESS;
163         }
164
165         if (__pPrivilegeManager == null)
166         {
167                 __pPrivilegeManager = _PrivilegeManager::GetInstance();
168         }
169         SysTryReturnResult(NID_SEC, __pPrivilegeManager != null, E_SYSTEM, "An unexpected system error occurred.");
170
171         std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId));
172         r = GetLastResult();
173
174         if (r == E_SUCCESS)
175         {
176                 // nothing to do.
177         }
178         else if (r == E_DATA_NOT_FOUND)
179         {
180                 SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
181                 goto CATCH;
182         }
183         else
184         {
185                 SysLogException(NID_SEC, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
186                 return E_SYSTEM;
187         }
188
189         ret = pPrivilegeInfo->HasPrivilegeEx(privilege1);
190         if (!ret)
191         {
192                 ret = pPrivilegeInfo->HasPrivilege(privilege2);
193                 if (!ret)
194                 {
195                         r = E_PRIVILEGE_DENIED;
196                         goto CATCH;
197                 }
198         }
199
200         r = CheckPrivacy(packageId, privilege2);
201         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_USER_NOT_CONSENTED, "The user blocks an application from calling the method.");
202
203         return r;
204
205 CATCH:
206
207         SysLogException(NID_SEC,  r, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
208
209         _AppManagerImpl* pAppManagerImpl = _AppManagerImpl::GetInstance();
210         pAppManagerImpl->TerminateApplications(packageId);
211
212         return r;
213 }
214
215 result
216 _AccessController::CheckPrivilege(const PackageId& packageId, const String& privilege)
217 {
218         bool ret = false;
219
220         String subAppId;
221         packageId.SubString(0, MAX_APP_ID_SIZE, subAppId);
222
223         _PackageInfoImpl infoImpl;
224         result r = infoImpl.Construct(subAppId);
225         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
226
227         String webAppType(L"wgt");
228         String appType = infoImpl.GetAppType();
229         if (appType.Equals(webAppType, true))
230         {
231                 return E_SUCCESS;
232         }
233
234         if (__pPrivilegeManager == null)
235         {
236                 __pPrivilegeManager = _PrivilegeManager::GetInstance();
237         }
238         SysTryReturnResult(NID_SEC, __pPrivilegeManager != null, E_SYSTEM, "An unexpected system error occurred.");
239
240         std::unique_ptr<_PrivilegeInfo> pPrivilegeInfo(__pPrivilegeManager->RetrievePrivilegeInfoN(subAppId));
241         r = GetLastResult();
242
243         if (r == E_SUCCESS)
244         {
245                 // nothing to do.
246         }
247         else if (r == E_DATA_NOT_FOUND)
248         {
249                 SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
250                 goto CATCH;
251         }
252         else
253         {
254                 SysLogException(NID_SEC, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
255                 return E_SYSTEM;
256         }
257
258         ret = pPrivilegeInfo->HasPrivilege(privilege);
259         if (!ret)
260         {
261                 r = E_PRIVILEGE_DENIED;
262                 goto CATCH;
263         }
264
265         r = CheckPrivacy(packageId, privilege);
266         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_USER_NOT_CONSENTED, "The user blocks an application from calling the method.");
267
268         return r;
269
270 CATCH:
271
272         SysLogException(NID_SEC,  r, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
273
274         _AppManagerImpl* pAppManagerImpl = _AppManagerImpl::GetInstance();
275         pAppManagerImpl->TerminateApplications(packageId);
276
277         return r;
278 }
279
280 void
281 _AccessController::InitIpcClient(void)
282 {
283         std::unique_ptr<_IpcClient> pLocalIpcClient(new (std::nothrow) _IpcClient);
284         SysTryReturnVoidResult(NID_SEC, pLocalIpcClient != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
285
286         result r = pLocalIpcClient->Construct(L"osp.security.ipcserver.privilegemanager", null);
287         SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "Failed to construct the instance of IPC.");
288
289         pIpcClient = std::move(pLocalIpcClient);
290         return;
291 }
292
293 void
294 _AccessController::Initialize(void)
295 {
296         result r = E_SUCCESS;
297
298     if (pIpcClient == null)
299     {
300         pthread_once(&ipcOnceBlock, InitIpcClient);
301         r = GetLastResult();
302         if (IsFailed(r))
303         {
304                 ipcOnceBlock = PTHREAD_ONCE_INIT;
305                         SysLogException(NID_SEC, r, "[%s] Propagated.", GetErrorMessage(r));
306                         return;
307         }
308     }
309
310         pEncryptedPrivileges.reset(new (std::nothrow) String());
311         SysTryReturnVoidResult(NID_SEC, pEncryptedPrivileges != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
312
313         pChecksum.reset(new (std::nothrow) String());
314         SysTryReturnVoidResult(NID_SEC, pChecksum != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
315
316         std::unique_ptr< ArrayListT< String > > pPrivilegeListT(new ArrayListT< String >());
317         SysTryReturnVoidResult(NID_SEC, pPrivilegeListT != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
318
319         pPrivilegeListT->Construct();
320
321         std::unique_ptr<IPC::Message> pCipherPrivilegeMessage(new (std::nothrow) PrivilegeManagerMsg_retrieve(pEncryptedPrivileges.get(), pChecksum.get(), pPrivilegeListT.get(), &r));
322         SysTryReturnVoidResult(NID_SEC, pCipherPrivilegeMessage != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
323
324         result ipcResult = pIpcClient->SendRequest(pCipherPrivilegeMessage.get());
325         SysTryReturnVoidResult(NID_SEC, ipcResult == E_SUCCESS, E_SYSTEM, "Failed to send IPC message.");
326         SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, r, "Failed to retrieve privilege information");
327
328         pPrivilegeList.reset(new ArrayList(SingleObjectDeleter));
329         SysTryReturnVoidResult(NID_SEC, pPrivilegeList != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
330         pPrivilegeList->Construct();
331
332         std::unique_ptr<IEnumeratorT< String > > pEnum(pPrivilegeListT->GetEnumeratorN());
333         while (pEnum->MoveNext() == E_SUCCESS)
334         {
335                 String tempString;
336                 pEnum->GetCurrent(tempString);
337                 pPrivilegeList->Add(new String(tempString));
338         }
339         pPrivilegeListT->RemoveAll();
340
341         pEncryptedVisibility.reset(new (std::nothrow) String());
342         SysTryReturnVoidResult(NID_SEC, pEncryptedVisibility != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
343
344         pVisibilityChecksum.reset(new (std::nothrow) String());
345         SysTryReturnVoidResult(NID_SEC, pVisibilityChecksum != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
346
347         std::unique_ptr<IPC::Message> pCipherVisibilityMessage(new (std::nothrow) PrivilegeManagerMsg_retrieveEx(pEncryptedVisibility.get(), pVisibilityChecksum.get(), &r));
348         SysTryReturnVoidResult(NID_SEC, pCipherVisibilityMessage != null, E_OUT_OF_MEMORY, "The memory is insufficient.");
349
350         ipcResult = pIpcClient->SendRequest(pCipherVisibilityMessage.get());
351         SysTryReturnVoidResult(NID_SEC, ipcResult == E_SUCCESS, E_SYSTEM, "Failed to send IPC message.");
352         SysTryReturnVoidResult(NID_SEC, r == E_SUCCESS, r, "Failed to retrieve privilege information");
353
354         isConstructed = true;
355         return;
356 }
357
358 result
359 _AccessController::CheckUserPrivilege(_Privilege privilege)
360 {
361         result r = E_SUCCESS;
362         bool ret = false;
363         _PrivilegeInfo privilegeInfo;
364         ClearLastResult();
365
366         SysTryReturnResult(NID_SEC, (privilege >= 0) && (privilege < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
367
368         int appType = _AppInfo::GetAppType();
369         PackageId packageId = _AppInfo::GetPackageId();
370         packageId[0] = packageId[0];
371
372         if ((appType & _APP_TYPE_WEB_APP) != _APP_TYPE_WEB_APP)
373         {
374             if (isConstructed != true)
375             {
376                 pthread_once(&onceBlock, Initialize);
377                 r = GetLastResult();
378                 if (IsFailed(r))
379                 {
380                         if (r == E_DATA_NOT_FOUND)
381                         {
382                                 SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
383                                 goto CATCH;
384                         }
385                         else
386                         {
387                                 onceBlock = PTHREAD_ONCE_INIT;
388                                         SysLogException(NID_SEC, r, "[%s] Propagated.", GetErrorMessage(r));
389                         }
390                                 return r;
391                 }
392             }
393
394                 if ((pEncryptedPrivileges != null) && (pChecksum != null) && (pEncryptedVisibility != null) && (pVisibilityChecksum != null))
395                 {
396                         r = privilegeInfo.Construct(packageId, *(pEncryptedPrivileges.get()), *(pChecksum.get()), *(pEncryptedVisibility.get()), *(pVisibilityChecksum.get()), pPrivilegeList.get());
397                         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred. %ls", packageId.GetPointer());
398
399                         SysLog(NID_SEC, "%ls is in the cache [client]", privilegeInfo.GetAppId().GetPointer());
400                 }
401                 else
402                 {
403                         SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
404                         r =  E_DATA_NOT_FOUND;
405                         goto CATCH;
406                 }
407
408                 ret = privilegeInfo.HasPrivilege(privilege);
409                 if (!ret)
410                 {
411                         r = E_PRIVILEGE_DENIED;
412                         goto CATCH;
413                 }
414         }
415
416         r = CheckPrivacy(packageId, privilege);
417         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_USER_NOT_CONSENTED, "The user blocks an application from calling the method.");
418
419         return r;
420
421 CATCH:
422
423         SysLogException(NID_SEC,  r, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
424
425         _AppManagerImpl* pAppManagerImpl = _AppManagerImpl::GetInstance();
426         pAppManagerImpl->TerminateApplications(packageId);
427
428         return r;
429
430 }
431
432 result
433 _AccessController::CheckUserPrivilege(_Privilege privilege1, _Privilege privilege2)
434 {
435         result r = E_SUCCESS;
436         bool ret = false;
437         _PrivilegeInfo privilegeInfo;
438         ClearLastResult();
439
440         SysTryReturnResult(NID_SEC, (privilege1 >= 0) && (privilege1 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
441         SysTryReturnResult(NID_SEC, (privilege2 >= 0) && (privilege2 < _MAX_PRIVILEGE_ENUM), E_INVALID_ARG, "The privilege enumerator is invalid");
442
443         int appType = _AppInfo::GetAppType();
444         PackageId packageId = _AppInfo::GetPackageId();
445         packageId[0] = packageId[0];
446
447         if ((appType & _APP_TYPE_WEB_APP) != _APP_TYPE_WEB_APP)
448         {
449             if (isConstructed != true)
450             {
451                 pthread_once(&onceBlock, Initialize);
452                 r = GetLastResult();
453                 if (IsFailed(r))
454                 {
455                         if (r == E_DATA_NOT_FOUND)
456                         {
457                                 SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
458                                 goto CATCH;
459                         }
460                         else
461                         {
462                                 onceBlock = PTHREAD_ONCE_INIT;
463                                         SysLogException(NID_SEC, r, "[%s] Propagated.", GetErrorMessage(r));
464                         }
465                                 return r;
466                 }
467             }
468
469                 if ((pEncryptedPrivileges != null) && (pChecksum != null) && (pEncryptedVisibility != null) && (pVisibilityChecksum != null))
470                 {
471                         r = privilegeInfo.Construct(packageId, *(pEncryptedPrivileges.get()), *(pChecksum.get()), *(pEncryptedVisibility.get()), *(pVisibilityChecksum.get()), pPrivilegeList.get());
472                         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred. %ls", packageId.GetPointer());
473
474                         SysLog(NID_SEC, "%ls is in the cache [client]", privilegeInfo.GetAppId().GetPointer());
475                 }
476                 else
477                 {
478                         SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
479                         r =  E_DATA_NOT_FOUND;
480                         goto CATCH;
481                 }
482
483                 ret = privilegeInfo.HasPrivilegeEx(privilege1);
484                 if (!ret)
485                 {
486                         ret = privilegeInfo.HasPrivilege(privilege2);
487                         if (!ret)
488                         {
489                                 r = E_PRIVILEGE_DENIED;
490                                 goto CATCH;
491                         }
492                 }
493         }
494
495         r = CheckPrivacy(packageId, privilege2);
496         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_USER_NOT_CONSENTED, "The user blocks an application from calling the method.");
497
498         return r;
499
500 CATCH:
501
502         SysLogException(NID_SEC,  r, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
503
504         _AppManagerImpl* pAppManagerImpl = _AppManagerImpl::GetInstance();
505         pAppManagerImpl->TerminateApplications(packageId);
506
507         return r;
508
509 }
510
511
512 result
513 _AccessController::CheckPrivilege(const String& privilege)
514 {
515         result r = E_SUCCESS;
516         bool ret = false;
517         _PrivilegeInfo privilegeInfo;
518         ClearLastResult();
519
520         int appType = _AppInfo::GetAppType();
521         PackageId packageId = _AppInfo::GetPackageId();
522         packageId[0] = packageId[0];
523
524         if ((appType & _APP_TYPE_WEB_APP) != _APP_TYPE_WEB_APP)
525         {
526                 if (isConstructed != true)
527                 {
528                         pthread_once(&onceBlock, Initialize);
529                         r = GetLastResult();
530                         if (IsFailed(r))
531                         {
532                                 if (r == E_DATA_NOT_FOUND)
533                                 {
534                                         SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
535                                         goto CATCH;
536                                 }
537                                 else
538                                 {
539                                         onceBlock = PTHREAD_ONCE_INIT;
540                                         SysLogException(NID_SEC, r, "[%s] Propagated.", GetErrorMessage(r));
541                                 }
542                                 return r;
543                         }
544                 }
545
546                 std::unique_ptr<IEnumerator> pEnum(null);
547                 pEnum.reset(pPrivilegeList->GetEnumeratorN());
548
549                 if ((pEncryptedPrivileges != null) && (pChecksum != null) && (pEncryptedVisibility != null) && (pVisibilityChecksum != null))
550                 {
551                         r = privilegeInfo.Construct(packageId, *(pEncryptedPrivileges.get()), *(pChecksum.get()), *(pEncryptedVisibility.get()), *(pVisibilityChecksum.get()), pPrivilegeList.get());
552                         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred. %ls", packageId.GetPointer());
553
554                         SysLog(NID_SEC, "%ls is in the cache [client]", privilegeInfo.GetAppId().GetPointer());
555                 }
556                 else
557                 {
558                         SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
559                         r =  E_DATA_NOT_FOUND;
560                         goto CATCH;
561                 }
562
563                 ret = privilegeInfo.HasPrivilege(privilege);
564                 if (!ret)
565                 {
566                         r = E_PRIVILEGE_DENIED;
567                         goto CATCH;
568                 }
569
570         }
571
572         r = CheckPrivacy(packageId, privilege);
573         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_USER_NOT_CONSENTED, "The user blocks an application from calling the method.");
574
575         return r;
576
577 CATCH:
578
579         SysLogException(NID_SEC,  r, "[E_PRIVILEGE_DENIED] The application does not have the privilege to call this method.");
580
581         _AppManagerImpl* pAppManagerImpl = _AppManagerImpl::GetInstance();
582         pAppManagerImpl->TerminateApplications(packageId);
583
584         return r;
585 }
586
587 result
588 _AccessController::CheckPrivacy(const PackageId & packageId, _Privilege privilege)
589 {
590         result r = E_SUCCESS;
591
592         if (privacyListTable[privilege] != true)
593         {
594                 return r;
595         }
596
597         std::unique_ptr<char[]> pPackageId(null);
598         pPackageId.reset(_StringConverter::CopyToCharArrayN(packageId));
599         SysTryReturnResult(NID_SEC, pPackageId != null, E_SYSTEM, "An unexpected system error occurred.");
600
601         std::unique_ptr<char[]> pPrivilegeId(null);
602         String privilegeId(L"http://tizen.org/privilege/");
603         privilegeId.Append(privilegeListTable[privilege].privilegeString);
604
605         pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(privilegeId));
606         SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred.");
607
608         int ret = privacy_checker_check_package_by_privilege(pPackageId.get(), pPrivilegeId.get());
609         if (ret != PRIV_MGR_ERROR_SUCCESS)
610         {
611                 r = E_USER_NOT_CONSENTED;
612                 SysLog(NID_SEC, "Result: FALSE [Privacy]");
613         }
614
615         return r;
616 }
617
618 result
619 _AccessController::CheckPrivacy(const PackageId & packageId, const String& privilege)
620 {
621         result r = E_SUCCESS;
622
623         std::unique_ptr<char[]> pPackageId(null);
624         pPackageId.reset(_StringConverter::CopyToCharArrayN(packageId));
625         SysTryReturnResult(NID_SEC, pPackageId != null, E_SYSTEM, "An unexpected system error occurred.");
626
627         std::unique_ptr<char[]> pPrivilegeId(null);
628         pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(privilege));
629         SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred.");
630
631         int ret = privacy_checker_check_package_by_privilege(pPackageId.get(), pPrivilegeId.get());
632         if (ret != PRIV_MGR_ERROR_SUCCESS)
633         {
634                 r = E_USER_NOT_CONSENTED;
635                 SysLog(NID_SEC, "Result: FALSE [Privacy]");
636         }
637
638         return r;
639 }
640
641 }} //Tizen::Security
Domain: App Framework / Uncategorized;